Providing proof that a digital file was originated by a particular user and has not been tampered with since or substituted with a forgery is not an easy problem to solve. Digital files of particular importance are public keys, the public domain part of asymmetric encryption keys since more than one confidential information file is likely to be encrypted using these. If a public key is a forgery, the forger will hold the corresponding private key and be able to access all of the confidential information encrypted.
Authentication of public keys is traditionally done using certificates whereby a trusted third party (TPA) acts as a Certification Authority (CA) and publishes public keys and their associated owner's identities (ID's) in the form of certificates. These certificates are digitally signed using the private key of the CA so that the authenticity of a certificate may be checked by anyone using the public key of the CA.
The binding of the ID with the public key is the critical issue. There are several problems with the CA approach. A central server has to be constantly available, accessible under varying traffic conditions and hacker proof. Strict security procedures need to be followed by the CA to check ID's before issuing each certificate. Also procedures need to be in place to prevent tampering of certificates. The CA has to have credible trustworthiness. Apart from checking the digital signature a user cannot directly verify the associated ID of a public key.
The specification below describes a method in which a recipient can authenticate by themselves a public key (or any digital file) and the associated ID by using biometric information and provides multi-factor authentication as recommended by government regulators (for example the US Federal Financial Institutions Examination Council). The multi-factors are something known (a secret number or password), something owned (a device, a computer or piece of equipment) and various types of biometric information. The prior art describes different authentication methods from the specification with this aim. As described in U.S. Pat. No. 7,606,768 B2 by Graubart et al [1], the originator of a document generates a voice message which includes their ID and a secret number, a PIN. The voice message is appended to the document to form a data file. A polynomial hash of the data file is calculated and encrypted using the PIN as the basis of the encryption key. The recipient is able to authenticate the originator's ID by recognising the originator's voice in the voice message. The document is bound to the originator through the PIN encrypted hash. Provided the PIN is kept secret, a forger cannot change the document without invalidating the encrypted hash.
The disadvantage of this method described in U.S. Pat. No. 7,606,768 B2 is that while the biometric content provides strong binding to the originator's ID, the binding to the document is weak in that if a forger is able to learn the PIN then the forger can replace the document with a forged document, calculate a new encrypted hash and utilise the originator's voice message to provide authentication.
In the method described below a document is bound to the originator by making the biometric authentication information a function of the document which is not the case for U.S. Pat. No. 7,606,768 B2.